At 9:41 AM -0400 8/31/2003, Charles Mangin wrote: >i've been following the latest discussion of the most efficient RBLs to add and IPs >to blacklist, and wonder how you guys are coming up with your numbers of spams >blocked per RBL. > >i assume you're doing some kind of grep on the logs that sims produces, but is there >a particular methodology you're using? i guess i could just run them all through >bbedit's search function and count the hits on "spam" or "blocked", or something like >that... if there were, say, an applescript someone was using...
I've just started using an Applescript on my logs. I have it process one folder of logs at a time. Currently, a folder contains a full month of logs but I may change that to a week each or some other interval so I can see any changes more quickly. You select the folder and the script tells BBEdit to copy all lines containing RBL hits from each log therein and consolidate them into one results file. The script then counts instances of identical lines to give me totals. The results look like this: cn-kr.blackholes.us with result [127.0.0.2]: 890 cn-kr.blackholes.us with result [127.0.0.3]: 669 dialups.relays.osirusoft.com with result [127.0.0.3]: 44 dialups.relays.osirusoft.com with result [127.0.0.4]: 8 malaysia.blackholes.us with result [127.0.0.2]: 19 nigeria.blackholes.us with result [127.0.0.2]: 7 relays.osirusoft.com with result [127.0.0.2]: 429 relays.osirusoft.com with result [127.0.0.3]: 113 relays.osirusoft.com with result [127.0.0.4]: 1306 relays.osirusoft.com with result [127.0.0.6]: 829 singapore.blackholes.us with result [127.0.0.2]: 31 > >i ask because i'm curious to see how effective my settings are from month to month, Which is why I decided to script something... -- Warren Michelsen <[EMAIL PROTECTED]> Online Tools For Business -- <http://www.OTFB.com/> Small Business & E-commerce web hosting ############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
